Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/WIUfD6o4gTlmCZAZgvBaQ0oivWA.roa
File: WIUfD6o4gTlmCZAZgvBaQ0oivWA.roa (raw, json)
Hash identifier: ISOTwctCMgFLKOd4YBrWNRVcSsl8DtK6orpE+tVX+6o=
Subject key identifier: 58:85:1F:0F:AA:38:81:39:66:09:90:19:82:F0:5A:43:4A:22:BD:60
Certificate issuer: /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial: 01983C70DA1640789BAE88B984FC0877ED5D
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/WIUfD6o4gTlmCZAZgvBaQ0oivWA.roa
Signing time: Thu 24 Jul 2025 12:38:05 +0000
ROA not before: Thu 24 Jul 2025 12:38:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 18186
IP address blocks: 2.58.244.0/22 maxlen: 24
2.58.248.0/22 maxlen: 24
5.183.116.0/22 maxlen: 24
5.183.120.0/22 maxlen: 24
45.8.32.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.mft
rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 26 Jul 2025 21:50:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:3c:70:da:16:40:78:9b:ae:88:b9:84:fc:08:77:ed:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Validity
Not Before: Jul 24 12:38:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=58851f0faa3881396609901982f05a434a22bd60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:74:b0:96:3f:d8:9f:88:8c:09:bd:69:b6:c3:
a1:de:9f:b1:c5:e9:c8:7d:77:83:3f:79:4a:0c:6d:
33:37:25:fa:49:7a:02:96:61:3c:ad:27:b0:63:0f:
a6:f8:14:ae:84:f3:53:ca:60:e2:90:64:f9:3b:df:
d6:a2:0e:eb:ac:de:bc:12:9f:2e:a3:36:fb:6f:00:
cd:45:c8:29:6c:44:80:f4:72:aa:ac:d0:a9:ad:00:
fe:c3:6a:a0:74:15:d1:ff:6d:28:eb:8c:f8:21:5e:
46:20:11:d8:e2:44:c6:cf:5e:55:44:d5:fb:cc:38:
82:e4:a2:da:95:ca:e1:65:05:1a:d6:5e:e1:1e:3d:
22:8d:67:86:43:b2:cf:d4:20:18:e6:c2:fe:6b:c1:
38:e6:f9:6e:c8:13:48:cf:fd:1b:6a:a8:d7:87:39:
b2:44:3a:b7:9f:4b:7c:bb:44:03:ba:b4:67:4e:bf:
4d:80:51:dc:12:ec:fb:9a:43:1f:7b:d4:c2:9b:2e:
5a:9a:62:90:b6:f2:f2:91:90:70:50:05:17:55:9f:
63:0d:81:d0:cf:7e:c4:fd:ce:02:ed:76:ac:22:5f:
08:b5:a4:40:33:86:8f:6f:80:fe:fd:40:c1:b0:75:
45:92:cc:21:f0:7f:2f:48:99:d0:02:18:0f:3f:01:
16:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:85:1F:0F:AA:38:81:39:66:09:90:19:82:F0:5A:43:4A:22:BD:60
X509v3 Authority Key Identifier:
keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/WIUfD6o4gTlmCZAZgvBaQ0oivWA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.244.0-2.58.251.255
5.183.116.0-5.183.123.255
45.8.32.0/22
Signature Algorithm: sha256WithRSAEncryption
a1:03:09:2c:7e:45:70:7e:1c:0f:22:45:77:21:b1:70:7b:75:
89:0f:57:59:f6:d6:56:c2:e6:ed:0c:02:da:52:07:f7:a8:20:
64:26:f6:73:86:92:d7:ae:ab:81:e1:51:b1:54:79:1c:5a:7a:
1f:59:62:9b:e3:ad:bb:97:39:b3:61:97:6c:55:1b:08:19:af:
28:ba:36:34:57:46:92:f8:9a:39:45:1f:1e:84:f0:c8:89:89:
bf:1d:76:8e:1b:1c:3d:9e:93:b0:7b:e9:5b:79:00:06:f7:fb:
07:e3:cf:11:97:38:ab:1a:53:3d:09:d1:2c:aa:44:77:16:d4:
b9:9c:20:60:0f:63:c8:de:05:ff:7f:2d:de:e5:12:3c:68:e9:
28:0f:1b:19:ed:82:d4:4c:70:8a:42:07:be:2d:7d:79:d8:25:
97:34:36:3e:65:4c:46:2c:0e:9a:7f:ec:ef:7a:fe:bb:64:12:
2b:ab:2c:c4:03:70:37:91:29:d1:f8:24:1c:3b:80:14:69:3e:
45:22:33:62:d0:6c:19:be:88:8d:a3:91:ed:25:a5:9d:2c:8e:
4e:4f:bd:56:ce:09:f6:52:c3:dd:51:20:a0:9c:ca:bf:16:ef:
ae:8e:47:99:9d:ab:e5:07:a4:9f:e9:0b:60:97:ae:fc:66:38:
44:a7:93:de
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZg8cNoWQHibroi5hPwId+1dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi
YmFhZTIwHhcNMjUwNzI0MTIzODA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODg1MWYwZmFhMzg4MTM5NjYwOTkwMTk4MmYwNWE0MzRhMjJiZDYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArXSwlj/Yn4iMCb1ptsOh3p+xxenI
fXeDP3lKDG0zNyX6SXoClmE8rSewYw+m+BSuhPNTymDikGT5O9/Wog7rrN68Ep8u
ozb7bwDNRcgpbESA9HKqrNCprQD+w2qgdBXR/20o64z4IV5GIBHY4kTGz15VRNX7
zDiC5KLalcrhZQUa1l7hHj0ijWeGQ7LP1CAY5sL+a8E45vluyBNIz/0baqjXhzmy
RDq3n0t8u0QDurRnTr9NgFHcEuz7mkMfe9TCmy5ammKQtvLykZBwUAUXVZ9jDYHQ
z37E/c4C7XasIl8ItaRAM4aPb4D+/UDBsHVFkswh8H8vSJnQAhgPPwEWcwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFFiFHw+qOIE5ZgmQGYLwWkNKIr1gMB8GA1UdIwQY
MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt
MjU0YWNkOTJiNGUxLzEvV0lVZkQ2bzRnVGxtQ1pBWmd2QmFRMG9pdldBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEtMjU0YWNkOTJiNGUx
LzEvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiMAwDBAICOvQD
BAICOvgwDAMEAgW3dAMEAgW3eAMEAi0IIDANBgkqhkiG9w0BAQsFAAOCAQEAoQMJ
LH5FcH4cDyJFdyGxcHt1iQ9XWfbWVsLm7QwC2lIH96ggZCb2c4aS166rgeFRsVR5
HFp6H1lim+Otu5c5s2GXbFUbCBmvKLo2NFdGkviaOUUfHoTwyImJvx12jhscPZ6T
sHvpW3kABvf7B+PPEZc4qxpTPQnRLKpEdxbUuZwgYA9jyN4F/38t3uUSPGjpKA8b
Ge2C1ExwikIHvi19edgllzQ2PmVMRiwOmn/s73r+u2QSK6ssxANwN5Ep0fgkHDuA
FGk+RSIzYtBsGb6IjaOR7SWlnSyOTk+9Vs4J9lLD3VEgoJzKvxbvro5HmZ2r5Qek
n+kLYJeu/GY4RKeT3g==
-----END CERTIFICATE-----
Generated at Sat Jul 26 04:03:25 2025 by rpki-client